simmons 5 hours ago
Yes, I remember feeling pride in the stability of my systems when I saw a large uptime. I had a server that had 1000 days of uptime, once. Now when I see a large uptime, I'm terrified of what security patches the kernel may be missing!
milesvp 2 hours ago
I still remember the days of servers as pets, rather than cattle, and I was harping about server uptime. A wizened server admin piped in and said he rebooted his servers once a week. Said, if you do it any less frequently, then the odds of catching an error-causing change while the person who made said change (possibly himself) is still around and can remember what they did go down precipitously. So, to avoid headaches and potential downtime when it mattered, he would just take servers out of rotation and reboot them, and make sure they came back online.
mmh0000 2 hours ago
Live Kernel Patching has been around for about 20 years[-1] now. Red Hat Enterprise Linux[1] and Oracle (Enterprise Linux) Unbreakable Linux[2] both use it as a selling point. This feature is still a bit ad hoc because, in most setups, rebooting a system isn't a huge burden and is much simpler than using boutique commands to live-patch it.
[-1] https://en.wikipedia.org/wiki/Ksplice
[1] https://www.redhat.com/en/topics/linux/what-is-linux-kernel-...
da-x 4 hours ago
Thankfully there's livepatching (e.g. https://ubuntu.com/security/livepatch )
fragmede 4 hours ago
Ksplice came out of MIT in 2008, which updates your kernel while it's running. No need to reboot! Supports Ubuntu.